CVE-2017-17805
Severity CVSS v4.0:
Pending analysis
Type:
CWE-20
Input Validation
Publication date:
20/12/2017
Last modified:
20/04/2025
Description
The Salsa20 encryption algorithm in the Linux kernel before 4.14.8 does not correctly handle zero-length inputs, allowing a local attacker able to use the AF_ALG-based skcipher interface (CONFIG_CRYPTO_USER_API_SKCIPHER) to cause a denial of service (uninitialized-memory free and kernel crash) or have unspecified other impact by executing a crafted sequence of system calls that use the blkcipher_walk API. Both the generic implementation (crypto/salsa20_generic.c) and x86 implementation (arch/x86/crypto/salsa20_glue.c) of Salsa20 were vulnerable.
Impact
Base Score 3.x
7.80
Severity 3.x
HIGH
Base Score 2.0
7.20
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 2.6.25 (including) | 3.2.97 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 3.3 (including) | 3.16.52 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 3.17 (including) | 3.18.89 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 3.19 (including) | 4.1.49 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 4.2 (including) | 4.4.107 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 4.5 (including) | 4.9.71 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 4.10 (including) | 4.14.8 (excluding) |
| cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:* | ||
| cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:* | ||
| cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:* | ||
| cpe:2.3:o:opensuse_project:leap:42.3:*:*:*:*:*:*:* | ||
| cpe:2.3:o:suse:linux_enterprise_desktop:12:sp2:*:*:*:*:*:* | ||
| cpe:2.3:o:suse:linux_enterprise_desktop:12:sp3:*:*:*:*:*:* | ||
| cpe:2.3:o:suse:linux_enterprise_server:11:extra:*:*:*:*:*:* | ||
| cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ecaaab5649781c5a0effdaf298a925063020500e
- http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00006.html
- http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html
- http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00008.html
- http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00014.html
- http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.html
- http://www.securityfocus.com/bid/102291
- https://access.redhat.com/errata/RHSA-2018:2948
- https://access.redhat.com/errata/RHSA-2018:3083
- https://access.redhat.com/errata/RHSA-2018:3096
- https://access.redhat.com/errata/RHSA-2019:2473
- https://github.com/torvalds/linux/commit/ecaaab5649781c5a0effdaf298a925063020500e
- https://lists.debian.org/debian-lts-announce/2018/01/msg00004.html
- https://usn.ubuntu.com/3617-1/
- https://usn.ubuntu.com/3617-2/
- https://usn.ubuntu.com/3617-3/
- https://usn.ubuntu.com/3619-1/
- https://usn.ubuntu.com/3619-2/
- https://usn.ubuntu.com/3620-1/
- https://usn.ubuntu.com/3620-2/
- https://usn.ubuntu.com/3632-1/
- https://www.debian.org/security/2017/dsa-4073
- https://www.debian.org/security/2018/dsa-4082
- https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.8
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ecaaab5649781c5a0effdaf298a925063020500e
- http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00006.html
- http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html
- http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00008.html
- http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00014.html
- http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.html
- http://www.securityfocus.com/bid/102291
- https://access.redhat.com/errata/RHSA-2018:2948
- https://access.redhat.com/errata/RHSA-2018:3083
- https://access.redhat.com/errata/RHSA-2018:3096
- https://access.redhat.com/errata/RHSA-2019:2473
- https://github.com/torvalds/linux/commit/ecaaab5649781c5a0effdaf298a925063020500e
- https://lists.debian.org/debian-lts-announce/2018/01/msg00004.html
- https://usn.ubuntu.com/3617-1/
- https://usn.ubuntu.com/3617-2/
- https://usn.ubuntu.com/3617-3/
- https://usn.ubuntu.com/3619-1/
- https://usn.ubuntu.com/3619-2/
- https://usn.ubuntu.com/3620-1/
- https://usn.ubuntu.com/3620-2/
- https://usn.ubuntu.com/3632-1/
- https://www.debian.org/security/2017/dsa-4073
- https://www.debian.org/security/2018/dsa-4082
- https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.8